EUVD-2021-11785

Malware in sbrugna...

CVE-2023-30552 SQL injection in sql/instance.py endpoint in Archery - GHSL-2022-101

Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are subject to SQL injection in the sql/instance.py endpoint's describe method. In several cases, user...

PT-2023-22779 · Archery · Archery

Name of the Vulnerable Software and Affected Versions: Archery affected versions not specified Description: The Archery project contains multiple SQL injection vulnerabilities that may allow an attacker to query the connected databases. The issue arises from the sql/instance.py endpoint's describ...

PT-2023-6422 · Unknown +3 · Active Record +3

Name of the Vulnerable Software and Affected Versions: ActiveRecord versions 6.0.0 through 6.0.6, versions 6.1.0 through 6.1.7, and versions 7.0.0 through 7.0.4 Description: A vulnerability in ActiveRecord is related to the sanitization of comments, which may allow an attacker to inject SQL outsi...

Open Business Management 1.0.3 pl1 group_index.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/18348/info Open Business Management is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize HTML and script code from user-supplied input to several parameters before returning to t...